I already host multiple services via caddy as my reverse proxy. Jellyfin, I am worried about authentication. How do you secure it?
I already host multiple services via caddy as my reverse proxy. Jellyfin, I am worried about authentication. How do you secure it?
CloudFlare tunnel with Zero Trust, plus their bot and abuse blocking. Users can get in with the right oauth, plus only allowed from the countries I know they’re in. Then just their username and password on jellyfin.
Using cloudflare tunnels means nothing is encrypted and cloudflare sees all.
Oh no they’ll see I’m watching TNG
just run wireguard on the jelly server…
My users aren’t going to figure that out.
they don’t have to figure it out, you are the one running it
They’d have to connect to it, and possibly reconnect. That aspect is the issue.
I hate the cloudflare stuff making me do captchas or outright denying me with a burning passion. My fault for committing the heinous crime of using a VPN!
Skill issue
Doesn’t streaming media over a cloudflare tunnel/proxy violate their ToS
No, they removed that clause some 2 or 3 years back.
🤫
They prohibit large amounts of media being streamed, and they reserve the right to suspend or terminate accounts for it. Multiple years in, that has not happened.
Edit: here, you can read https://blog.cloudflare.com/updated-tos/
Cloudflare is known for being unreliable with how and when it enforces the ToS (especially for paying customers!). Just because they haven’t cracked down on everyone doesn’t mean they won’t arbitrarily pick out your account from thousands of others just to slap a ban on. There’s inherent risk to it